On May 17, 2017, the Securities and Exchange Commission’s (“SEC’s”) Office of Compliance Inspections and Examinations (“OCIE”) published a Risk Alert pertaining to cybersecurity. According to the Risk Alert, an extensive ransomware attack called WannaCry, WCry, or Wanna Decryptor “rapidly affected numerous organizations across over one hundred countries.” In light of the WannaCry attack, OCIE is urging registered investment advisers, broker-dealers, and investment companies to address cybersecurity vulnerabilities.
According to the Risk Alert and an alert published by the Department of Homeland Security, US-CERT Alert TA17-132A, the hacker or hacking group who instigated the WannaCry attack obtained access to enterprise servers by exploiting a Windows Server Message Block vulnerability. WannaCry infects computers with software that encrypts data on a server and gives the encrypted files a .WCRY file-name extension, which prevents the rightful owner from accessing the data. Once a system is infected, the ransomware demands payment from the business in return for access to the business’ data. Microsoft released a patch for this vulnerability in March of 2017, but many users of Microsoft operating systems do not diligently update their software.